Week 3 Flashcards
Give the 3 SECURITY PROFESSIONALS AND THE ORGANIZATION
-Senior Management
-Information security management team
-data ownership
What is the 2 types in senior management
-CHIEF INFORMATION OFFICER (CIO)
-CHIEF INFORMATION SECURITY OFFICER (CISO)
-An executive-level position that oversees the organizations computing technology and strives to create efficiency in the processing and access of the organizations information
CHIEF INFORMATION OFFICER (CIO)
-Top information security officer in an organization.
CHIEF INFORMATION SECURITY OFFICER (CISO)
4 types of INFORMATION SECURITY PROJECT TEAM
-CHAMPION
-TEAM LEADER
-SECURITY POLICY DEVELOPERS
-RISK ASSESSMENT SPECIALIST
Promotes the project and ensure its support.
CHAMPION
– Understand project management, personnel management, and information security technical requirements.
TEAM LEADER
– Understand the organization culture, existing policies, and requirements for developing and implementing successful policies.
SECURITY POLICY DEVELOPERS
– Understand financial risk assessment techniques
RISK ASSESSMENT SPECIALIST
3 types of DATA OWNERSHIP
-DATA OWNERS
-DATA CUSTODIANS
-DATA USERS
.
– Control and responsible for the security and use of a particular set of information.
DATA OWNERS
– Responsible for storage maintenance and protection of information.
DATA CUSTODIANS
-Internal and external stakeholder who interact with information in support of their organizing planning and organization.
DATA USERS
BUSINESS NEEDS FIRST
1. Protecting the organization’s ability to ______.
2.Enabling the safe ______ of applications running on the organization’s IT systems
3. Protecting the ____ the organization collects and uses
4. Safeguarding the organization’s _________
- Function
- Operation
- Data
- Technology Assets
